May 13, 2013

What are the Risks of Mobile Phones?

Just a short decade ago, most online users felt very
little threat from any type of outside intrusion by hackers that meant to steal
their identities or do them harm. However, in the last 10 years many things
have changed regarding how individuals perform their daily routines online and
off-line. With recent advancements in mobile technology, many tablets and
mobile phones have become the devices we use to connect to the Internet,
whether it is for pleasure or for work.

While much concern is given to how individuals connect
from their desktops to online financial institutions and other sites that
contain personal information, connecting through a mobile device is often not
given as much focus. For instance, a recent issue with the Galaxy SIII made it possible to completely bypass the lock screen, granting full access to the device.

A Settled Federal
Mobile Security Case

Not long ago, the Federal Trade Commission (FTC) settled
with HTC America after a complaint had been filed against them. The complaint
was over the software vulnerabilities of all of their mobile products,
including Windows Phone, Windows Mobile and Android products.

The FTC addressed the long list of problems that involved
the mobile software used to operate HTC products. While many of the issues seem
small and insignificant, when grouped together, they created serious security issues
that affected every mobile user. In addition to that, the company was cited for
their failure to implement the appropriate means to evaluate the security
levels in all of the products the company shipped to its customers.

Provided
Inadequate Security

Other issues involved the failure to implement adequate
security and privacy guidance for its own in-house engineering staff or to provide
the required training. The company also failed to conduct reviews, audits,
tests and assessments that could help ascertain all of the potential
vulnerabilities and security on the mobile devices they sold.

The company also failed in the implementation of
addressing many of the security vulnerability reports that were provided
through third-party academics, researchers, and the public. Their inaction
helped to delay the opportunity to provide a variety of corrections and
solutions once the incidents had been reported.

Harmful Coding

Some of these stated vulnerabilities included non-secured
communications, the misuse of application permissions, non-secured application
installations, and the insertion of a harmful debug code. The complaint filed
by the FTC fully outlines the risks that were developed because of HTC
America’s practices.

The settlement surely sent a shiver through the software
development industry, especially those that provide mobile software solutions.
The precedent set by the federal government and their concern over mobile
security seems to have found solid footing. Hopefully, the direct actions of the
mobile provider industry will reflect more protection in the products that are
shipped to customers.

As a Consumer

As a consumer, most of us do not realize the mobile
security threats that lurk every day on our mobile devices, smart phones and
tablets. Many of these problems include malware, SMS spoofing, and toll fraud.
To the online hacker, mobile cybercrime creates large amounts of money. It is
estimated that cybercrime on the Internet caused all consumers over $100
billion worldwide back in 2011. Studies indicate that mobile crime will cost
significantly more in the near future.

Once considered to be the crime of desktops and laptops,
phishing scams have made their way into mobile technology. Included with that
are unsolicited text messages that have the ability to capture personal
confidential information. It can also infect the phone with nothing more than
an SMS message. The bottom line is that every smart phone requires the same
level of protection that a PC or Mac does.

Now instead of using email social engineering to request
information, cyber-thieves have incorporated the process into SMS text. The SMS
message will likely have an embedded link or provide a phone number to listen
to a “voicemail” in an effort to garner personal data.

Installing Spyware
on a Mobile Phone

Cyber-hackers that want to obtain information on a child,
spouse, employee, or even a rival will often turn to another individual’s smart
phone by installing spyware. Many spyware applications have the ability to
disguise or hide themselves and will not even show up on the long list of
running applications. The application allows the hacker to use GPS tracking to
locate the individual, or even activate the microphone or camera to record
conversations. So far, most spyware applications need to be initiated using the
phone. By keeping it protected with a passcode and only installing applications
from official app stores, most would-be hacking or spy action can be averted.

Without most mobile phone users becoming aware, cyber
criminals and hackers have apparently found mobile technology to be the next
platform to exploit. Through malicious websites, spyware technology, SMS
phishing, covert emails, and harmful malware every mobile phone owner should be
aware of the problems lurking inside their phone.